Publication No.: KR1020120136954A
Publication date: 2012-12-20
Application No.: KR1020110056186
Filing date: 2011-06-10
Applicant: 한국전자통신연구원
Abstract: PURPOSE: A system and method for verifying a certificate are provided that minimize the certificate verification procedure by using only the public key of a Root CA (root certification authority), without acquiring the public key information of a local authentication server. CONSTITUTION: A first local authentication server (200) requests from a Root CA (100) the signature value of a first initial parameter (S501). The Root CA transmits the signature value of the first initial parameter, in response to the request of the first local authentication server, to the first local certificate server (S502). The first local authentication server issues a certificate for a first terminal (300) and one or more terminals. The first terminal requests its own certificate from the first local authentication server (S503). The first local authentication server transmits the certificate corresponding to the first terminal to the first terminal (S504). The first terminal requests certificate reissuance from the first local authentication server (S505). The first local authentication server transmits the reissued certificate to the first terminal (S506). [Reference numerals] (100) Root CA; (200) First local authentication server; (300) First terminal; (AA) Detection of an expiration date of a certificate; (S501) Request of a first initial parameter signature value; (S502) Issuing the first initial parameter signature value; (S503) Request of the certificate; (S504) Generation of the certificate; (S505) Request of the certificate for reissuing; (S506) Issuing the certificate for reissuing